﻿<?php
    if(isset($_REQUEST["comment"]) &&
        isset($_REQUEST["id"]) &&
        isset($_SESSION["MaTaiKhoan"]))
        {
            $MaComment = date("d").date("m").substr(date("Y"),2,2).date("h").date("i").date("s");
            $NoiDung = $_REQUEST["comment"];
            $MaSP = $_REQUEST["id"];
            $MaND = $_SESSION["MaTaiKhoan"];
            date_default_timezone_set('Asia/Ho_Chi_Minh');
            $ThoiGian = date("d/m/y h:i:s");
            $query = "INSERT INTO comment (`MaComment`, `MaSP`, `NoiDung`, `ThoiGian`, `MaND`)
                        VALUES('".$MaComment."' , '".$MaSP."' , '".$NoiDung."' , '".$ThoiGian."', '".$MaND."') ";//
            $result = DataProvider::executeQuery($query);
            
            echo '<script type="text/javascript">';
            echo 'location="trangchu.php?act=4&id='.$MaSP.'"';
            echo '</script>';
        }
        
        else
        {
            echo '<script type="text/javascript">';
            echo "alert('Bạn phải đăng nhập để gửi bình luận')";
            echo '</script>';
            echo '<script type="text/javascript">';
            echo 'location="trangchu.php?act=1"';
            echo '</script>';
        }
    

?>